Recently I faced a weird situation where my app was working fine in all Android versions except Android Pie.
java.io.IOException: Cleartext HTTP traffic to * not permitted
After lots of debugging I came to know it was because my server was not secure ie it was using HTTP (not HTTPS). Android P uses HTTPS by default. What this means is that if you are using unencrypted HTTP requests in your app, the app will work fine in all versions of Android except Android P.
Let’s consider two situations where your app won’t work properly in Android P.
1. If your server is on HTTP obviously it won’t work in Android P.
2. When your server is on HTTPS but it is returning something like an image URL which is HTTP, you won’t be able to load the image in Android P.
From Android 9 Pie now, requests without encryption will never work. The System will expect you to use TLS by default.
The easy way to implement this is to use this attribute to your AndroidManifest.xml where you allow all http for all the requests.
android:usesCleartextTraffic=”true”
We have to add these lines to the application tag like below.
<application android:usesCleartextTraffic="true" />
<?xml version="1.0" encoding="utf-8"?> <network-security-config> <domain-config cleartextTrafficPermitted="true"> <domain includeSubdomains="true">abc.com</domain> <domain includeSubdomains="true">pqr.com</domain> </domain-config> </network-security-config>
<application android:networkSecurityConfig="@xml/network_security_config" />